It is best to first understand the interactions between Sentry and RabbitMQ. This is not the same as most traditional network policies where a listener is setup on Sentry for incoming requests. The AMQP listener and remote policies attach to the actual listener on the RabbitMQ server. The job of the AMQP listener and remote policies are to consume or deposit a message. When a message arrives at the RabbitMQ queue the the Sentry AMQP listener consumes the message, processes the message, and then forwards to the remote policy - which may put it on another queue or send via HTTP or another protocol.
This use case consumes messages from RabbitMQ and translates them to HTTP requests. These are the steps for the message translation:
1. RabbitMQ Configuration
The latest version of RabbitMQ as of this writing is 3.4.4-1 (visit http://www.rabbitmq.com/install-rpm.html for more details). Once you install RabbitMQ, add a user and set the user’s permissions. Here are some quick commands, if installed on Linux:
# rabbitmqctl list_users
# rabbitmqctl add_user admin password
# rabbitmqctl set_permissions -p / admin ".*" ".*" ".*"
Below are the steps to enable the web based client to let you browse the RabbitMQ server setup:
# rabbitmq-plugins enable rabbitmq_management
# rabbitmqctl set_user_tags admin administrator
To connect, access: http://server-name:15672 in a web browser.
2. Sentry Configuration
Below is a setup for an XML Policy that consists of AMQP Listener and HTTP Remote policies:
a. AMQP Listener:
- Connection Settings are those of the RabbitMQ server.
- Routing Key is an existing queue that messages are delivered to. The AMQP policy will pick messages off of that queue. (More on routing_key is found at: http://www.rabbitmq.com/tutorials/tutorial-four-java.html)
b. Remote Policy:
This is the end point where messages will be delivered after Sentry processing:
c. Task List:
An example task list would be to change the message before forwarding to HTTP. It may be the case that the message needs to be included in some request document. Below is an example where the message is “Hello World!” that is being rewritten to “Hello World from Rabbit!":
d. Content Policy:
Create a Content Policy with the above listener, remote and task list policies.
In the following example we have sent a simple “Hello World!” message to RabbitMQ (using the pika 0.9.8 Python client). The message was picked up by the Sentry listener, processed through a task list to change the “Hello World!” into “Hello World from Rabbit!” then forwarded to the back end 10.5.1.149.
The Sentry System Log shows the full transaction detail as seen in the image below. The AMQP listener picks up the message processes a Pattern Match Task List to change the message and finally sends the processed message to the back-end receiving a 200 OK. You can also see the message delivery acknowledgement: